* tcp/ip stack in user space
@ 2002-04-16 18:54 X.Xiao
  2002-04-16 20:00 ` tcp/ip stack in user space (possible FAQ addition?) Eric Weigle
  2002-04-17  7:51 ` tcp/ip stack in user space Frank Schaefer
  0 siblings, 2 replies; 3+ messages in thread
From: X.Xiao @ 2002-04-16 18:54 UTC (permalink / raw)
  To: linux-kernel

I want to move the tcp/ip stack (including routing and
netfilter) to userspace. My goal is to trace all the
instructions involved in a firewall and router, since I
don't know how to trace these instructions inside the
kernel. I want to get something like:

incoming ip packets (a file) --> fake ISR --> tcp/ip
stack --> outgoing ip packets (to /dev/null).

My question is: is it possible and relatively easy to
move the tcp/ip stack to user space?

Thanks for help.

X.Xiao


* Re: tcp/ip stack in user space (possible FAQ addition?)
  2002-04-16 18:54 tcp/ip stack in user space X.Xiao
@ 2002-04-16 20:00 ` Eric Weigle
  2002-04-17  7:51 ` tcp/ip stack in user space Frank Schaefer
  1 sibling, 0 replies; 3+ messages in thread
From: Eric Weigle @ 2002-04-16 20:00 UTC (permalink / raw)
  To: X.Xiao; +Cc: linux-kernel, rgooch

> I want to move the tcp/ip stack (including routing and
> netfilter) to userspace. My goal is to trace all the
> instructions involved in a firewall and router, since I
> don't know how to trace these instructions inside the
> kernel. I want to get something like:
>
> incoming ip packets (a file) --> fake ISR --> tcp/ip
> stack --> outgoing ip packets (to /dev/null).
>
> My question is: is it possible and relatively easy to
> move the tcp/ip stack to user space?

This comes up fairly frequently; it might be a good addition to the FAQ.
Here's my attempt at an answer culled from prior messages.

Several people have user-mode network stacks at various levels of
development, but it is *highly* unlikely for them ever to get into
the kernel proper (see the monolithic versus microkernel debate at
http://www.kernel.org/pub/linux/docs/lkml/#s15-4).

Here are some URLs to which you can refer for more information:
	http://www.cl.cam.ac.uk/Research/SRG/netos/arsenic/
	http://www.cs.nwu.edu/~pdinda/minet/minet.html
	http://www.joerch.org/tcpip/
	http://freshmeat.net/projects/libutcp/

However, for security purposes, you probably do not want a user-mode stack.
You want an extensible packet handling mechanism, which can be found with:
	iptables/ipchains -- the native Linux firewalling tools,
		http://netfilter.samba.org/
	tc -- the Traffic control program,
		http://www.sparre.dk/pub/linux/tc/
	libpcap -- packet capture library,
		http://www.tcpdump.org

Thanks,
-Eric

-- 
--------------------------------------------
 Eric H. Weigle   CCS-1, RADIANT team
 ehw@lanl.gov     Los Alamos National Lab
 (505) 665-4937   http://home.lanl.gov/ehw/
--------------------------------------------


* Re: tcp/ip stack in user space
  2002-04-16 18:54 tcp/ip stack in user space X.Xiao
  2002-04-16 20:00 ` tcp/ip stack in user space (possible FAQ addition?) Eric Weigle
@ 2002-04-17  7:51 ` Frank Schaefer
  1 sibling, 0 replies; 3+ messages in thread
From: Frank Schaefer @ 2002-04-17  7:51 UTC (permalink / raw)
  To: linux-kernel

On Tue, 2002-04-16 at 20:54, X.Xiao wrote:
> I want to move the tcp/ip stack (including routing and
> netfilter) to userspace. My goal is to trace all the
> instructions involved in a firewall and router, since I
> don't know how to trace these instructions inside the
> kernel. I want to get something like:
>
> incoming ip packets (a file) --> fake ISR --> tcp/ip
> stack --> outgoing ip packets (to /dev/null).
>
> My question is: is it possible and relatively easy to
> move the tcp/ip stack to user space?

Hi,

Eric is right, I've started a syncookie fw using a daemon process for
now, because this is the first time I meet the kernel sources on a
larger project.

I do this using the REDIRECT ( ipchains ) / QUEUE ( ipfilter ) targets,
to get the packets to userspace. Once there, you can do what you want
using libpcap or syscalls.

Regards and hope this helps
Frank
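
What a user-space handler can do with a packet once it has been delivered there, as the message above describes: this is an added example, not code from anyone in this thread. The function names, the single-port policy and the sample packet are assumptions made up for illustration, and the delivery mechanism itself (QUEUE target, libpcap) is left out.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum verdict { V_DROP = 0, V_ACCEPT = 1 };

/* Constructed sample: IPv4 + TCP SYN, 192.0.2.1:12345 -> 192.0.2.2:80 */
static const uint8_t sample_syn[40] = {
    0x45, 0x00, 0x00, 0x28, 0x00, 0x01, 0x40, 0x00, /* ver/ihl, len 40, DF  */
    0x40, 0x06, 0xb6, 0xcb,                         /* ttl 64, TCP, cksum   */
    0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02, /* src, dst             */
    0x30, 0x39, 0x00, 0x50, 0, 0, 0, 0, 0, 0, 0, 0, /* ports, seq, ack      */
    0x50, 0x02, 0x20, 0x00, 0, 0, 0, 0              /* off 5, SYN, window   */
};

/* Ones'-complement sum over the header; 0 means the checksum verifies. */
static uint16_t ip_checksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)(p[i] << 8 | p[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Hypothetical policy: accept only well-formed, unfragmented TCP to one port.
 * Every length is checked against the buffer before it is used as an offset. */
enum verdict inspect_packet(const uint8_t *pkt, size_t len, uint16_t allowed_port)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return V_DROP;      /* not IPv4      */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t total = (size_t)(pkt[2] << 8 | pkt[3]);
    if (ihl < 20 || ihl > len) return V_DROP;               /* bad IHL       */
    if (total < ihl || total > len) return V_DROP;          /* truncated     */
    if (ip_checksum(pkt, ihl) != 0) return V_DROP;          /* corrupt hdr   */
    if (pkt[9] != 6) return V_DROP;                         /* not TCP       */
    if ((pkt[6] & 0x1f) || pkt[7]) return V_DROP;           /* later fragment */
    if (total - ihl < 20) return V_DROP;                    /* short TCP hdr */
    const uint8_t *tcp = pkt + ihl;                         /* TCP checksum is not verified here */
    return (uint16_t)(tcp[2] << 8 | tcp[3]) == allowed_port ? V_ACCEPT : V_DROP;
}

int main(void)
{
    printf("verdict: %d\n", inspect_packet(sample_syn, sizeof sample_syn, 80));
    return 0;
}
```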
